This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
usukhbayar_g
Contributor
Sunday

IPS Management Update requires manual update

Hello, community.

This issue has been here for almost 2 months. (I guess)

IPS update always requiring manual update from SmartConsole (Custom Policy->Updates-> Update Now

Also blade:IPS AND type:Control shows below.

Screenshot 2025-10-27 114821.png

 

Yes, I tried sk180762. 
[Expert@mn-dc1-r1c1-sec-fw.sg-ch01-01:0]# curl_cli -v -k http://dl3.checkpoint.com
* Rebuilt URL to: http://dl3.checkpoint.com/
* Trying 23.221.70.126...
* TCP_NODELAY set
* Connected to dl3.checkpoint.com (23.221.70.126) port 80 (#0)
< HTTP/1.1 302 Moved Temporarily
< Server: AkamaiGHost
< Content-Length: 0
< Location: http://downloads.checkpoint.com/dc/fileerror.htm
< Date: Mon, 27 Oct 2025 03:50:42 GMT
< Connection: keep-alive
<
* Connection #0 to host dl3.checkpoint.com left intact
[Expert@mn-dc1-r1c1-sec-fw.sg-ch01-01:0]# curl_cli -v -k http://updates.checkpoint.com
* Rebuilt URL to: http://updates.checkpoint.com/
* Trying 18.64.8.40...
* TCP_NODELAY set
* Connected to updates.checkpoint.com (18.64.8.40) port 80 (#0)
< HTTP/1.1 404 Not Found
< Content-Type: text/plain; charset=utf-8
< Content-Length: 15
< Connection: keep-alive
< Date: Mon, 27 Oct 2025 03:50:53 GMT
< Server: awselb/2.0
< X-Cache: Error from cloudfront
< Via: 1.1 41a89bdb610eb303e698e5cb65ce5b76.cloudfront.net (CloudFront)
< X-Amz-Cf-Pop: ICN57-P2
< X-Amz-Cf-Id: 9FUSRIj4yugTyD4vDgHzT5VX1gMsFIXgGy1VAPiYeUtq7-SI7XPlDg==
<
* Connection #0 to host updates.checkpoint.com left intact
Page not found!

Since I know its not license. Did someone encoutered this issue, if yes, how did you resolved it?

SmartConsole version: 81.20.9700.671

0 Kudos
17 Replies
the_rock
MVP Gold
MVP Gold
Sunday

Silly question, but I suppose updates are set as scheduled in smart console? Can you ping updates.checkpoint.com?

Best,
Andy
0 Kudos
usukhbayar_g
Contributor
Sunday
In response to the_rock

Yes, I can.

PING d3dzd94mv2pmza.cloudfront.net (18.64.8.106) 56(84) bytes of data.
64 bytes from server-18-64-8-106.icn57.r.cloudfront.net (18.64.8.106): icmp_seq=1 ttl=242 time=205 ms
64 bytes from server-18-64-8-106.icn57.r.cloudfront.net (18.64.8.106): icmp_seq=2 ttl=242 time=204 ms
64 bytes from server-18-64-8-106.icn57.r.cloudfront.net (18.64.8.106): icmp_seq=3 ttl=242 time=204 ms
64 bytes from server-18-64-8-106.icn57.r.cloudfront.net (18.64.8.106): icmp_seq=4 ttl=242 time=204 ms
64 bytes from server-18-64-8-106.icn57.r.cloudfront.net (18.64.8.106): icmp_seq=5 ttl=242 time=204 ms
^C
--- d3dzd94mv2pmza.cloudfront.net ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4459ms
rtt min/avg/max/mdev = 204.404/204.566/205.133/0.638 ms

the_rock
MVP Gold
MVP Gold
Sunday
In response to usukhbayar_g

K great. Well, since its midnight where I am, going to sleep, but will send you few things when I wake up from my lab, so you can verify in your environment.

Best,
Andy
0 Kudos
usukhbayar_g
Contributor
Sunday
In response to the_rock

Sure, good night then xD

0 Kudos
the_rock
MVP Gold
MVP Gold
Monday
In response to usukhbayar_g

Hey @usukhbayar_g ,

Just to be 100% sure, can you compare what I attached here from the lab?

***********************

[Expert@CP-MANAGEMENT:0]# curl_cli -k updates.checkpoint.com
Page not found![Expert@CP-MANAGEMENT:0]# curl_cli -k cws.checkpoint.com
<HTML><HEAD><TITLE>Error</TITLE></HEAD><BODY>
An error occurred while processing your request.<p>
Reference&#32;&#35;97&#46;46182117&#46;1761560792&#46;4b7f98c7
<P>https&#58;&#47;&#47;errors&#46;edgesuite&#46;net&#47;97&#46;46182117&#46;1761560792&#46;4b7f98c7</P>
</BODY></HTML>
[Expert@CP-MANAGEMENT:0]# ^C
[Expert@CP-MANAGEMENT:0]# curl_cli -k google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
[Expert@CP-MANAGEMENT:0]#

Best,
Andy
Preview file
81 KB
0 Kudos
usukhbayar_g
Contributor
Monday
In response to the_rock

Only thing differs from your output is, when i curl_cli -k cws.checkpoint.com

[Expert@mn-dc1-r1c1-sec-fw.sg-ch01-02:0]# curl_cli -k cws.checkpoint.com
<html><body><h1>It works!</h1></body></html>

0 Kudos
the_rock
MVP Gold
MVP Gold
Monday
In response to usukhbayar_g

What about curl_cli -k google.com? FWIW, just to be sure, machine where smart console is instralled has full Internet connectivity? Also, what dns servers are configured on it?

 

Best,
Andy
0 Kudos
usukhbayar_g
Contributor
Monday
In response to the_rock

[Expert@mn-dc1-r1c1-sec-fw.sg-ch01-02:0]# curl_cli -k google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
[Expert@mn-dc1-r1c1-sec-fw.sg-ch01-02:0]#

Machine running SmartConsole has full internet connectivity. And DNS is set to local DNS server.

0 Kudos
the_rock
MVP Gold
MVP Gold
Monday
In response to usukhbayar_g

Can you try testing with google dns?

Best,
Andy
0 Kudos
the_rock
MVP Gold
MVP Gold
Monday
In response to usukhbayar_g

Do you get same output from both fw AND mgmt server?

Best,
Andy
0 Kudos
emmap
MVP Gold CHKP MVP Gold CHKP
MVP Gold CHKP
Monday

Is there a proxy server configured in Gaia or in SmartConsole for the SMS? When you manually update the IPS in SmartConsole it can use the internet connection from the PC you're running SmartConsole on (I think it gives you the option), and when you use 'curl_cli', unless you explicitly set a proxy in your command, it won't use one, regardless of proxy config. 

(1)
the_rock
MVP Gold
MVP Gold
Monday
In response to emmap

EXCELLENT point Emma. Did not think of that, but makes total sense.

Best,
Andy
0 Kudos
usukhbayar_g
Contributor
Monday
In response to emmap

Hi @emmap,
There is no proxy configured in this environment. So I guess I don't have to set a proxy option in my command.

0 Kudos
the_rock
MVP Gold
MVP Gold
Monday
In response to usukhbayar_g

Just curious, did this ever work?

Best,
Andy
0 Kudos
usukhbayar_g
Contributor
Friday
In response to the_rock

If you are talking about automatic update, yes. Also we don't have proxy before and after this issue shows up.

0 Kudos
Machine_Head
Advisor
Advisor
Friday

To update IPS database on a gateway you roughly have two options, as defined in the gateway object IPS tab:
SmartConsole_1qkml3W8Ri.png

  • First one is directly from gateway.
  • Second one from Manager
    • via Manual or scheduled DB download
      •  then pushing TP policy manual or scheduled too

 

In the Title you mention "management" udpate but in the screenshots you show a gateway failing to download the package.

So what are you really trying to troubleshoot? The gateway or the manager?

To find more detail about why the gateway is failing to download the package you can debug FWD

Make sure to check this sk also
https://support.checkpoint.com/results/sk/sk179425

the_rock
MVP Gold
MVP Gold
Friday
In response to Machine_Head

I believe they have all that set up already, but good sk to follow, for sure.

Best,
Andy
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    Sort by:
    CheckMates Events